Bug 132761

Summary: Invalid server certificates cannot get accepted "forever"
Product: [Applications] konqueror Reporter: Daniel Hahler <kde-bugzilla>
Component: generalAssignee: Konqueror Developers <konq-bugs>
Status: RESOLVED DUPLICATE    
Severity: normal CC: adawit, finex, jammer, lynoure
Priority: NOR    
Version: unspecified   
Target Milestone: ---   
Platform: Ubuntu   
OS: Linux   
Latest Commit: Version Fixed In:
Sentry Crash Report:

Description Daniel Hahler 2006-08-21 22:03:30 UTC 
Version:            (using KDE KDE 3.5.4)
Installed from:    Ubuntu Packages

If I go to https://codeprobe.de/ I get the following warning:

"Server Authentication"
  The IP address of the host codeprobe.de
  does not match the one the certificate was issued to.

  (in console window: "konqueror: Observer::messageBox 4
   The IP address of the host codeprobe.de does not match
   the one the certificate was issued to. - Server
   Authentication")

Clicking on "=> Details" gives:
  Chain:
	0 - Site Certificate: "The certificate has not been issued for this host."
	1 - www.hahler.de - OK
	2 - CAcert Class 3 Root - OK (imported by me IIRC)

When I then click "=> Continue" I get another dialog:
"Would you like to accept this certificate forever without being prompted?"

I click "=> Forever" and all is well for the current session.

But, after I reboot (or maybe just re-login - have not tried it) the same warning appears again.

It does not appear again just after "killall konqueror".
Comment 1 Daniel Hahler 2007-05-02 03:07:36 UTC 
Please mark it as DUP of Bug 143898, which seems to be the same issue.

btw: the certificate from the address above has likely changed since I initially reported this bug.
Comment 2 FiNeX 2008-05-18 19:37:36 UTC 
*** Bug 143898 has been marked as a duplicate of this bug. ***
Comment 3 FiNeX 2008-05-18 20:16:08 UTC 
Bug confirmed on both 3.5.9 and 4 (trunk r806921).
Comment 4 Tyler Wagner 2008-10-07 12:24:13 UTC 
(In reply to comment #0)
> But, after I reboot (or maybe just re-login - have not tried it) the same
> warning appears again.
> 
> It does not appear again just after "killall konqueror".

The problem reappears as soon as you reload the page.  Konqueror changes the KSSL policy back to one hour, not permanent.  See my comments:

https://bugs.launchpad.net/ubuntu/+source/kdebase/+bug/93081/comments/15
Comment 5 Kevin Funk 2010-01-09 11:33:59 UTC 
Duplicate of 207050?
Comment 6 Dawit Alemayehu 2011-06-11 22:36:52 UTC 
I cannot duplicate this at all in KDE v4.6 and up. Does anyone still have this issue using KDE v4.6 or better yet KDE v4.7 beta 1 ? When I choose forever my certificate is stored with a date 1000 years from current year (3011).
Comment 7 jammer 2011-07-26 22:45:55 UTC 
I can confirm that this issue is present in my version of Konqueror
"Version 4.6.5 (4.6.5)
Using KDE Development Platform 4.6.5 (4.6.5)"

This is however a recent regression as Konq from KDE v4.4 did not exhibit this behaviour.

Specifically I am connecting to https://localhost/ which uses an unsigned certificate.

"Would you like to accept the certificate forever without being prompted ?"
   Forever                Current Session only

I click "Forever" and am again presented with the same dialogue for all other pages on this host.
Comment 8 Dawit Alemayehu 2011-12-23 02:42:21 UTC 

*** This bug has been marked as a duplicate of bug 233628 ***